Google is already using a quantum-safe encryption process (post-quantum cryptography) in its latest version of the Chrome browser. Companies should do the same.
The quantum-safe key encapsulation process in the Chrome browser protects the exchange of symmetric keys when establishing secure TLS connections. Is this step necessary even though practical use of quantum computers is not yet foreseeable in the near future? Yes, says Nils Gerhardt, CTO at Utimaco.
Prepare for the future
“In fact, we cannot yet say when practical use of quantum computers can be expected or when criminals will have access to them. But this will happen at some point and without appropriate preparation, attacks can have dramatic consequences.
With the introduction of the new algorithm, Google wants to protect itself against, among other things, the attack and espionage strategy 'Harvest now, decrypt later'. The aim is to access encrypted data today and store it until cryptanalysis technology has developed further in the future. Critical data can still be valuable five, ten or 20 years from now. This foresight is therefore very important when it comes to countermeasures.
Use crypto-agile security technologies
Other companies that are currently investing in their security infrastructures should also act with similar foresight. You should make sure that these technologies are crypto-agile. This allows a cyber security system to quickly switch to an alternative, new crypto system without making significant changes to the IT system or cyber security system (system architectures, protocols, etc.). Devices such as hardware security modules (HSM) for key generation and the protected execution of cryptographic algorithms are already designed in such a way that new post-quantum algorithms can be implemented if necessary. By using HSMs, companies are on the safe side and can react quickly as soon as there are new developments in the field of quantum computing.”
More at Utimaco.com
About Utimaco
UTIMACO is a leading global provider of high-security technologies for cybersecurity and compliance solutions and services with headquarters in Aachen, Germany and Campbell (CA), USA. UTIMACO develops and produces on-premise and cloud-based hardware security modules, key management, data protection and identity management solutions.
Matching articles on the topic